Adapting to Linear Separable Subsets with Large-Margin in Differentially Private Learning

Abstract

This paper studies the problem of differentially private empirical risk minimization (DP-ERM) for binary linear classification. We obtain an efficient (,δ)-DP algorithm with an empirical zero-one risk bound of O(1γ2 n + |Sout|γ n) where n is the number of data points, Sout is an arbitrary subset of data one can remove and γ is the margin of linear separation of the remaining data points (after Sout is removed). Here, O(·) hides only logarithmic terms. In the agnostic case, we improve the existing results when the number of outliers is small. Our algorithm is highly adaptive because it does not require knowing the margin parameter γ or outlier subset Sout. We also derive a utility bound for the advanced private hyperparameter tuning algorithm.